0
votes
0
comments
285
views

Why does a yum package update replaces my yum-cron config files?

  • 0.00 / 5 5
0 votes, 0.00 avg. rating (0% score)
Usually, when applying package updates via yum update, rpm is ‘intelligent’ enough to respect my changes to configuration files under /etc. (It basically looks at the mtime, compares it and depending on the outcome replaces the file with the new version, or just puts the new version beside it.) But with one of the last […]
0
votes
0
comments
3,620
views

SSL23_GET_SERVER_HELLO:unknown protocol, how do I fix my SSL cert?

  • 0.00 / 5 5
0 votes, 0.00 avg. rating (0% score)
I’m trying to wget to my own box, and it can’t be an internal address in the wget (so says another developer). Possibilities: This error happens when OpenSSL receives something other than a ServerHello in a protocol version it understands from the server. It can happen if the server answers with a plain (unencrypted) HTTP. […]
0
votes
0
comments
4,449
views

Nagios 3.x history.cgi Remote Command Execution

  • 0.00 / 5 5
0 votes, 0.00 avg. rating (0% score)
Nagios is a powerful Open Source monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes. It offers complete monitoring and alerting for servers, switches, applications, and services. The Nagios backend has a program called history.cgi that as of late is said to allow an attacker remote […]
0
votes
0
comments
1,781
views

SonicWALL GMS/VIEWPOINT Remote Root Exploit

  • 0.00 / 5 5
0 votes, 0.00 avg. rating (0% score)
The GMS/VIEWPOINT version 6.x and the Analyzer version 7.x are vulnerable to remote attacks which could lead to total control of the system. These versions contains a vulnerability that allows an unauthenticated, remote attacker to bypass the Web interface. The remote attacker is able to expolit this vulnerability by use of a broken session handling […]
0
votes
0
comments
242
views

Should I be disabling Java?

  • 0.00 / 5 5
0 votes, 0.00 avg. rating (0% score)
First it was Apple, now it’s the US government… U.S. urges users to disable Java; Apple disables some remotely New malware exploiting Java 7 in Windows and Unix systems How serious is this “unspecified vulnerability”? Should all users be disabling Java until we know things have been patched?   Ali Ahmad Apple apparently takes this […]